Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle Subscribe
Filtered by product Communications Eagle Application Processor

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11022 8 Debian, Drupal, Fedoraproject and 5 more 78 Debian Linux, Drupal, Fedora and 75 more 2022-07-25 4.3 MEDIUM 6.1 MEDIUM
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11023 7 Debian, Drupal, Fedoraproject and 4 more 54 Debian Linux, Drupal, Fedora and 51 more 2022-07-25 4.3 MEDIUM 6.1 MEDIUM
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-10219 3 Netapp, Oracle, Redhat 194 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 191 more 2022-05-23 4.3 MEDIUM 6.1 MEDIUM
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2018-3693 6 Arm, Intel, Netapp and 3 more 220 Cortex-a, Cortex-r, Atom C and 217 more 2021-11-19 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVE-2016-5458 1 Oracle 1 Communications Eagle Application Processor 2017-09-01 5.5 MEDIUM 6.4 MEDIUM
Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL.